<?php
/**
 * 
 * Users module
 * 
 * @name			Cosa users
 * @description		Standard users module for Cosa admin
 * @version			1.0.0
 * 
 * @author			Stijn Van Minnebruggen
 * @author_url		www.donotfold.be
 * @module_url		www.donotfold.be/projects/cosa
 * 
 * @sub1			users
 * @sub2			groups
 * 
 */

class users extends Module
{
	
	/**
	 * Add a user
	 * 
	 * @param	array	$postVars
	 * @return	bool
	 */
	
	public function users_add($postVars)
	{
		// required
			global $cosa, $db, $user, $modules, $lang, $path;
			if(!isset($postVars) || empty($postVars)) {
				$modules->addMessage($lang->get('add-users-failed'));
				return false;
			}
		
		// add users
			$sql = "INSERT INTO ".$db->table('users')."
					SET	uname			= '".addslashes($postVars['uname'])."'
						,email			= '".addslashes($postVars['email'])."'
						,pass			= '".md5(addslashes($postVars['pass']))."'
						,name_f			= '".addslashes($postVars['name_f'])."'
						,name_l			= '".addslashes($postVars['name_l'])."'
						,group_id		= '".addslashes($postVars['group_id'])."'
						,language_id	= '".addslashes($lang->id)."'
						,time_created	= NOW()
						,time_modified	= NOW()
					";
			@mysql_query($sql) or $cosa->kill($lang->get('add-users-failed'), 'db');
			$users_id = mysql_insert_id();
		
		// return success
			$modules->addMessage($lang->get('add-users-success'));
			return true;
		
	}
	
	
	/**
	 * Edit a user
	 * 
	 * @param	array	$postVars
	 * @param	int		$id
	 * @return	bool
	 */
	
	public function users_edit($postVars, $id)
	{
		// required
			global $cosa, $db, $user, $modules, $lang, $path;
			if(!isset($id) || empty($id)) {
				$modules->addMessage($lang->get('edit-users-failed'));
				return false;
			}
		
		var_dump($postVars);
		
		// pass
			$pass = (!empty($postVars['pass'])) ? md5($postVars['pass']) : false;
		
		// edit user
			$sql = "UPDATE ".$db->table('users')."
					SET	uname			= '".addslashes($postVars['uname'])."'
						,email			= '".addslashes($postVars['email'])."'
					";
			if($pass) $sql .= ",pass = '".$pass."' ";
			$sql .= "
						,name_f			= '".addslashes($postVars['name_f'])."'
						,name_l			= '".addslashes($postVars['name_l'])."'
						,group_id		= '".addslashes($postVars['group_id'])."'
						,language_id	= '".addslashes($lang->id)."'
						,time_modified	= NOW()
					WHERE
						id				= '".addslashes($postVars['edit'])."'
					";
			@mysql_query($sql) or $cosa->kill($lang->get('edit-users-failed'), 'db');
		
		// return success
			$modules->addMessage($lang->get('edit-users-success'));
			return true;
		
	}
	
	
	/**
	 * Delete a user
	 * 
	 * @param	int		$id
	 * @return	bool
	 */
	
	public function users_del($id)
	{
		// required
			global $cosa, $db, $modules, $lang, $user;
			if(!isset($id) || empty($id)) {
				$modules->addMessage($lang->get('del-users-failed'));
				return false;
			}
		
		// check self
			if($id == $user->id()) {
				$modules->addMessage($lang->get('del-users-failed-self'));
				return false;
			}
		
		// execute query
			$sql = "DELETE FROM ".$db->table('users')." WHERE id ='".addslashes($id)."' LIMIT 1";
			@mysql_query($sql) or $cosa->kill($lang->get('del-users-failed'), 'db');
		
		// add message to pool
			$modules->addMessage($lang->get('del-users-success'));
			return true;
		
	}
	
	
	/**
	 * Get one user
	 * 
	 * @param	int		$id
	 * @return	array
	 */
	
	public function users_get($id)
	{
		// required
			global $cosa, $db;
			if(!isset($id) || empty($id)) return false;
		
		// execute query
			$sql = "SELECT * FROM ".$db->table('users')." WHERE id ='".addslashes($id)."' LIMIT 1";
			$res = @mysql_query($sql) or $cosa->oops('Could not fetch user.', 'db');
		
		// return result
			if(!mysql_num_rows($res)) return false;
			$row = mysql_fetch_array($res);
			return $row;
		
	}
	
	
	/**
	 * Add a group
	 * 
	 * @param	array	$postVars
	 * @return	bool
	 */
	
	public function groups_add($postVars)
	{
		// required
			global $cosa, $db, $user, $modules, $lang, $path;
			if(!isset($postVars) || empty($postVars)) {
				$modules->addMessage($lang->get('add-groups-failed'));
				return false;
			}
		
		// add users
			$sql = "INSERT INTO ".$db->table('users_groups')." SET name = '".addslashes($postVars['name'])."'";
			@mysql_query($sql) or $cosa->kill($lang->get('add-groups-failed'), 'db');
			$group_id = mysql_insert_id();
		
		// update group permissions
			$this->_updateModulePermissions($group_id, $postVars);
			$this->_updateLanguagePermissions($group_id, $postVars);
		
		// return success
			$modules->addMessage($lang->get('add-groups-success'));
			return true;
		
	}
	
	
	/**
	 * Edit a group
	 * 
	 * @param	array	$postVars
	 * @param	int		$id
	 * @return	bool
	 */
	
	public function groups_edit($postVars, $id)
	{
		// required
			global $cosa, $db, $user, $modules, $lang, $path;
			if(!isset($id) || empty($id)) {
				$modules->addMessage($lang->get('edit-groups-failed'));
				return false;
			}
		
		// edit group
			$sql = "UPDATE ".$db->table('users_groups')." SET name = '".addslashes($postVars['name'])."' WHERE id = '".addslashes($postVars['edit'])."'";
			@mysql_query($sql) or $cosa->kill($lang->get('edit-groups-failed'), 'db');

		// update group permissions
			$this->_updateModulePermissions($postVars['edit'], $postVars);
			$this->_updateLanguagePermissions($postVars['edit'], $postVars);
		
		// return success
			$modules->addMessage($lang->get('edit-groups-success'));
			return true;
		
	}
	
	
	/**
	 * Delete a group
	 * 
	 * @param	int		$id
	 * @return	bool
	 */
	
	public function groups_del($id)
	{
		// required
			global $cosa, $db, $modules, $lang, $user;
			if(!isset($id) || empty($id)) {
				$modules->addMessage($lang->get('del-groups-failed'));
				return false;
			}
		
		// check self
			if($id == $user->group_id) {
				$modules->addMessage($lang->get('del-groups-failed-self'));
				return false;
			}
		
		// execute query
			$sql = "DELETE FROM ".$db->table('users_groups')." WHERE id = '".addslashes($id)."'";
			@mysql_query($sql) or $cosa->kill($lang->get('del-groups-failed'), 'db');
		
		// delete module permissions
			$sql = "DELETE FROM ".$db->table('modules_perm')." WHERE group_id = '".addslashes($id)."'";
			@mysql_query($sql) or $cosa->kill($lang->get('del-groups-failed'), 'db');
		
		// delete language permissions
			$sql = "DELETE FROM ".$db->table('languages_perm')." WHERE group_id = '".addslashes($id)."'";
			@mysql_query($sql) or $cosa->kill($lang->get('del-groups-failed'), 'db');
		
		// add message to pool
			$modules->addMessage($lang->get('del-groups-success'));
			return true;
		
	}
	
	
	/**
	 * Get one group
	 * 
	 * @param	int		$id
	 * @return	array
	 */
	
	public function groups_get($id)
	{
		// required
			global $cosa, $db;
			if(!isset($id) || empty($id)) return false;
		
		// execute query
			$sql = "SELECT * FROM ".$db->table('users_groups')." WHERE id ='".addslashes($id)."' LIMIT 1";
			$res = @mysql_query($sql) or $cosa->oops('Could not fetch user.', 'db');
		
		// return result
			if(!mysql_num_rows($res)) return false;
			$row = mysql_fetch_array($res);
			return $row;
		
	}
	
	
	/**
	 * Get number of users in this group
	 * 
	 * @param	int		$id
	 * @return	array
	 */
	
	public function groups_getNumUsers($id)
	{
		// required
			global $cosa, $db;
			if(!isset($id) || empty($id)) return false;
		
		// execute query
			$sql = "SELECT COUNT(*) AS num FROM ".$db->table('users')." WHERE group_id ='".addslashes($id)."' GROUP BY group_id";
			$res = @mysql_query($sql) or $cosa->oops('Could not fetch num users in group.', 'db');
		
		// return result
			if(!mysql_num_rows($res)) return false;
			$row = mysql_fetch_array($res);
			return $row['num'];
		
	}
	
	
	/**
	 * Print groups dropdown
	 * 
	 * @param	string	$name
	 * @param	int		$value	
	 * @return	void
	 */
	
	public function printGroupsDD($name='group_id', $value=false)
	{
		global $cosa, $db;
		$dd = '<select name="'.$name.'">'."\n\t";
		$sql = "SELECT id, name FROM ".$db->table('users_groups')." ORDER BY name";
		$res = mysql_query($sql) or die('Could not fetch groups');
		while($row = mysql_fetch_array($res)) {
			$selected = ($value == $row['id']) ? ' selected="selected"' : '';
			$dd .= '<option value="'.stripslashes($row['id']).'"'.$selected.'>'.stripslashes($row['name']).'</option>'."\n\t";
		}
		$dd .= '</select>'."\n";
		echo $dd;
	}
	
	
	/**
	 * Update group module permissions
	 * 
	 * @param	int		$group_id
	 * @param	array	$postVars
	 * @return	bool
	 */
	
	private function _updateModulePermissions($group_id, $postVars)
	{
		// required
			global $cosa, $db, $modules, $user;
			$newPerm = array();
			
		// get new permissions
			$allModules = $modules->getInstalledModules();
			foreach($allModules as $k => $v) {
				if(isset($postVars['permissions_'.$v['id']]) && $postVars['permissions_'.$v['id']] == '1') $newPerm[] = $v['id'];
			}
			if(empty($newPerm)) return false;
		
		// update user permissions
			return $user->updateGroupModulePermissions($group_id, $newPerm);
		
	}
	
	
	/**
	 * Update group language permissions
	 * 
	 * @param	int		$group_id
	 * @param	array	$postVars
	 * @return	bool
	 */
	
	private function _updateLanguagePermissions($group_id, $postVars)
	{
		// required
			global $cosa, $db, $modules, $user, $lang;
			$newPerm = array();
			
		// get new permissions
			$allLanguages = $lang->getAllLanguages();
			foreach($allLanguages as $k => $domain) {
				foreach($domain['languages'] as $lk => $language) {
					if(isset($postVars['lang_permissions_'.$language['id']]) && $postVars['lang_permissions_'.$language['id']] == '1') $newPerm[] = $language['id'];
				}
			}
			if(empty($newPerm)) return false;
		
		// update user permissions
			return $user->updateGroupLanguagePermissions($group_id, $newPerm);
		
	}
	
	
}

?>